Password shown when logging in

Password shown when logging in

Frankly I'm not sure this is the proper place for this, but I couldn't find a way to log a bug about AT&T's website anywhere else - I noticed that while typing in my password my password was visible, one character at a time before the character was blacked out. This seems like a major bug. Despite the fact that the input field is of type "password", it looks like there's JavaScript executing on keypress, changing the character out to some image, rather than just letting the browser do it's thing. The delay in replacing the character and not just letting the browser do what it's supposed to do is a serious security concern for anyone logging in to manage their account.

I'm running Windows 7, using the latest stable build of Chrome when this happens.

Ditto for me. It does show each character for half a second, but changes to dots.

This is very bad.

Before, it would show the password all the time. Now it shows the password for half a second and then changes to dots.

So, it seems like AT&T is working on it. But it is still very bad, very unsecure!

I hope AT&T fixes this!!

it appears to be shorter then a half second, but if you hit the next character in the password the previous character is turned to a dot immediately. Accessing my bank and credit card accounts via mobile and web do the same thing.

Been going on since then. I got no answer from anyone then so i thought it was just me. Mine is still doing this, but i only log in from my home computer so i don't worry about it so much. But i guess it is more widespread now.

Been going on since then. I got no answer from anyone then so i thought it was just me. Mine is still doing this, but i only log in from my home computer so i don't worry about it so much. But i guess it is more widespread now.

Definitely have a coding problem in the system.

doubt it is a coding problem, hav it happen on other accounts outside of my att accounts - seems to be that way when there is a mobile app to access the account and a normal web based app to access the same account.

Can understand it becasue with todays touch screens and keyboards on mobile devices it is really easy to think you are pressing the R key and it is accuually the E or T key that you are pressing, get a invalid password 3 times like that and you account is locked, the you have to call the organization to get it unlocked. Personally can live with the brief displace of the keystroke for verification, but then I make sure that n one is arround me when I type my passwords on the mobile app or staring at my keyboard on the web app. In the keyboard senario it is a lot easier to grab the password by watching the keys that are being pressed then the breif display on the screen

cellnewbie09 wrote:This post is not about apps or mobile apps or accessing www.att.com/myatt though the cell phone.

This Post is about regular browsers on regular desktop computers.

When I try to login on my DESKTOP (not app!!) the password shows for about 2 secs and then turns into the black dots.

This is NOT expected to happen in the year 2013. Regardless of whether one tries to login via DESKTOP (what this post is about) or via mobile devices.

Please reread this post and offer positive responses before replying.

it shows on mine for less then a half second, if you immediately type the next character the first one is hidden as soon as you depress the next key - IE 9 & IE 10 both react the same way. I did read it and tested it on both mobile access, a wirelessly connected laptop and a hardwired desktop.

Re: Password shown when logging in

Apparently, this has been going on for a while. I've reported the password log in problem to ATT twice and did not get any good results. The first time, I was told the problem was going to be corrected, but the representative didn't know when. Over a month later, I reported it again and was told it wasn't ATT's problem, that I had to contact my e-mail provider. However, I don't have the same problem on my e-mail or when logging into any other website. This is a security problem, but I don't think ATT is taking it seriously. Seems they are not reading this forum for clues to what's going on and not giving good customer service.

Because of this ridiculously insecure method, they are also using javascript to store your password as you type it in a "real" value on the input field so it can "replace" your password with the circles as you type.

I don't know why anyone would think this is a great idea -- I don't care if you're using a tablet PC or not -- this is not a mobile device, this is not a website to be displayed on mobile devices, this is a full desktop page. This means an increased security risk. Now, all it takes is someone glancing at my screen to get my password as I type it.